This article outlines the supported environments framework for Mimecast end user applications and administrative portals, as well as Large File Send access key generation pages.

Browser Support Matrix

Browser

Administration Console *

Connect Application

Mimecast Personal Portal

Secure Messaging

Large File Send

Targeted Threat Protection

Internet Explorer 11

✓

✓

✓

✓

✓

✓

Edge

✓

✓

✓

✓

✓

✓

Chrome

✓

✓

✓

✓

✓

✓

Safari

✓

✓

✓

✓

✓

✓

Firefox v3 Onwards

✓

✓

✓

✓

✓

✓

* Devices with a browser resolution lower than 768px aren't currently supported.

Internet Explorer version support follows the Microsoft life cycle. We strongly encourage you to update your browser to a supported version for the purposes of security assurance.

TLS and SSL Protocols

This section is intended as a reference to the protocols and cipher suites that Mimecast supports. It is not a detailed explanation of the workings of TLS and SSL.

Our web applications are accessed using Hypertext Transfer Protocol Secure (HTTPS). Technically HTTPS is not a protocol. It's the result of layering HTTP on top of Transport Layer Security (TLS) or Secure Sockets Layer (SSL) thereby adding the security of these protocols to cleartext HTTP communications. Using these cryptographic protocols doesn't guarantee the connection is secure. As such, we only support certain protocol versions and ciphers.

The quality of the protection provided by SSL relies on the private key (the basis for the security) and the certificate (which conveys the identity of the server to its visitors). We use an SSL certificate issued by Verisign, a reputable Certificate Authority (CA) that has a 2048-bit RSA key. We no longer support SSLv3 for inbound browser connections. Instead one of the following TLS versions should be used:

Protocol

Description

TLS v1.0

Considered to be secure. There are no known major security weaknesses (provided it is properly implemented).

TLS v1.1 and 1.2

The most secure protocols that have no known security issues. However, many server and client systems do not currently support these protocols.

Cipher Suites

TLS/SSL cipher suites enforce the actual security of the encrypted session. We support several strong cipher suites with a minimum of 128 bits. This guarantees your secure connection cannot be decrypted if intercepted. The following cipher suites aren't supported:

Cipher

Reason for Non-Support

Anonymous Diffie-Hellman (ADH) suites

It provides no authentication.

NULL cipher suites

It provides no encryption.

EXPORT cipher suites

It uses trivial encryption.

WEAK cipher suites

It typically uses less than 128 bit.

Rivest Cipher 4 (RC4)

It is insecure.

We're also unable to support any connections using the RC4 cipher, and will be rejected by the Mimecast API. We strongly recommend you update your operating system and browsers to more recent secure versions in order to maintain security.

Internet Explorer Settings

We recommend that the following Internet Explorer browser settings are used:

My colleague has posted a solution on Administration Console v4 thread. Please take a look at the post by Jan Zoet. If you require further assistance then please reach out to our Service Delivery team.

When logging onto the console from an iPad Pro using Safari or Chrome, I am able to enter my credentials but it then spits me back to the username/password screen. I can then enter my username/password countless number of times in an infinite loop, but I will not be able to get in.

Using the personal portal OR authenticating to community.mimecast.com / api.mimecast.com is no issue and I get in first try from the same browser environment.

Are iOS versions of the supported browsers (safari and chrome).... not supported?

While this is helpful to a degree, can these points please be clarified?

1. Could a link to the regional login URLs be added to the table above, instead of just the text "Add the Login URLs to your Trusted Sites"? Even with that information available, we have found on some occasions that we have needed to add further mimecast URLs to the trusted sites list in order for some scripts to work.

2. Does "Check that the built-in security settings for the Trusted Sites are set no higher than Medium-high" mean check that they are no more- or less-secure than "Medium-high"? "No higher" is ambiguous here.

We frequently have trouble with contacts who are unable to reset their secure messaging password, they receive a message that they don't meet the complexity requirements or their email address is incorrect. I was just now able to duplicate that with one person, using IE 11, switching to Firefox the process worked as expected.

It's unreasonable to expect that each contact who receives a secure message can/will/should change their IE settings to match the above, assuming that will even work. Mimecast needs to fix this so it works seamlessly regardless of browser used, it's very poor customer service to expect otherwise.

Why do you advise to enable Delete Browsing History on Exit when device enrolment relies on cookies to work? Chances are pretty high that cookies are selected as in item to delete when this is enabled and so you will find yourself having to enrol every time.

I have not been able to log into my administrator console for 3 days now. I can enter my credentials, but as soon as I click log in, it just throws me back to the log in screen again. No matter how many times try to log in, reboot my browser, reboot my pc, nothing works. I am using Chrome. I can log in from my ipad on safari and chrome, but not from my windows 10 pc.

Please report the issue to your company Help Desk or to Mimecast Support (if you work in that capacity). There are many variables specific to the local environment that need to be eliminated. This KB is intended as a version-supportability guide only.